Date: Tue, 14 Oct 2025 23:03:16 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 290242] pf: cannot define table table-name: Cannot allocate memory Message-ID: <bug-290242-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290242 Bug ID: 290242 Summary: pf: cannot define table table-name: Cannot allocate memory Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: olivier@freebsd.org Attachment #264592 text/plain mime type: Created attachment 264592 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=264592&action=edit script to reproduce the problem Here is a reproducible problem on 14 and current (script attached) on x86 and ARM: We can’t load a table multiples time (like a blacklist table in crontab). How to reproduce: sh ./pf-big-table.sh Id Refs Name 535 1 pf Loading a public IPv4 blocklist prod_data-shield_ipv4_blocklist.txt 1390 kB 1150 kBps 01s System’s net.pf.request_maxcount (65535) too small to load this 99766 elements table Increasing it... net.pf.request_maxcount: 65535 -> 99767 System configured with net.pf.request_maxcount 65535 loading a 99766 table multiple times Try: 1 current VM usage ITEM SIZE LIMIT USED FREE REQ FAIL SLEEP XDOM pf table entries: 160, 200000, 0, 0, 0, 0, 0, 0 Try: 2 current VM usage ITEM SIZE LIMIT USED FREE REQ FAIL SLEEP XDOM pf table entries: 160, 200000, 99767, 58, 99767, 0, 0, 0 Try: 3 current VM usage ITEM SIZE LIMIT USED FREE REQ FAIL SLEEP XDOM pf table entries: 160, 200000, 99767, 99883, 199534, 0, 0, 0 pf.conf:1: cannot define table shield_ipv4.blocklist: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-290242-227>